Definitions[]
An audit log is a
| “ | [c]hronological record of system activities. Provides an independently verifiable trail sufficient to permit reconstruction, review, and examination of sequence of environments and activities surrounding or leading to operation, procedure, or event in a transaction from inception to final results.[1] | ” |
| “ | chronological record of system activities. Includes records of system accesses and operations performed in a given period.[2] | ” |
An audit log is "[a] record providing documentary evidence of specific events."[3]
Overview[]
It "captures user activity (e.g., login activity, file accesses, commands run)."[4]
References[]
- ↑ Payment Card Industry (PCI) Data Security Standard Glossary, Abbreviations and Acronyms (full-text).
- ↑ 12 FAM 090 (full-text).
- ↑ NIST Special Publication 800-152, at 125.
- ↑ Report on the NS/EP Implications of Intrusion Detection Technology Research and Development, at 13.